In order to tighten the mixed content blocking, Firefox will soon prevent a plug-in embedded on a secure, HTTPS site from loading content served from an insecure, non-HTTPS site. Firefox 60 and later will show a console warning for such cases.

Adobe Flash is the only plug-in currently supported in Firefox, and therefore this change will particularly affect loading of external XML data, which should also be served from a secure site.